{"affected_release": [{"advisory": "RHSA-2024:3868", "cpe": "cpe:/a:redhat:network_observ_optr:1.6.0::el9", "package": "network-observability/network-observability-cli-rhel9:v1.6.0-66", "product_name": "NETWORK-OBSERVABILITY-1.6.0-RHEL-9", "release_date": "2024-06-17T00:00:00Z"}, {"advisory": "RHSA-2024:3868", "cpe": "cpe:/a:redhat:network_observ_optr:1.6.0::el9", "package": "network-observability/network-observability-console-plugin-rhel9:v1.6.0-66", "product_name": "NETWORK-OBSERVABILITY-1.6.0-RHEL-9", "release_date": "2024-06-17T00:00:00Z"}, {"advisory": "RHSA-2024:3868", "cpe": "cpe:/a:redhat:network_observ_optr:1.6.0::el9", "package": "network-observability/network-observability-ebpf-agent-rhel9:v1.6.0-66", "product_name": "NETWORK-OBSERVABILITY-1.6.0-RHEL-9", "release_date": "2024-06-17T00:00:00Z"}, {"advisory": "RHSA-2024:3868", "cpe": "cpe:/a:redhat:network_observ_optr:1.6.0::el9", "package": "network-observability/network-observability-flowlogs-pipeline-rhel9:v1.6.0-66", "product_name": "NETWORK-OBSERVABILITY-1.6.0-RHEL-9", "release_date": "2024-06-17T00:00:00Z"}, {"advisory": "RHSA-2024:3868", "cpe": "cpe:/a:redhat:network_observ_optr:1.6.0::el9", "package": "network-observability/network-observability-operator-bundle:1.6.0-78", "product_name": "NETWORK-OBSERVABILITY-1.6.0-RHEL-9", "release_date": "2024-06-17T00:00:00Z"}, {"advisory": "RHSA-2024:3868", "cpe": "cpe:/a:redhat:network_observ_optr:1.6.0::el9", "package": "network-observability/network-observability-rhel9-operator:v1.6.0-66", "product_name": "NETWORK-OBSERVABILITY-1.6.0-RHEL-9", "release_date": "2024-06-17T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-chains-controller-rhel8:v1.16.0-6", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": 
"openshift-pipelines/pipelines-cli-tkn-rhel8:v1.16.0-7", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-console-plugin-rhel8:v1.16.0-52", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-controller-rhel8:v1.16.0-7", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-entrypoint-rhel8:v1.16.0-7", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-events-rhel8:v1.16.0-7", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-git-init-rhel8:v1.16.0-5", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-hub-api-rhel8:v1.16.0-3", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-hub-db-migration-rhel8:v1.16.0-3", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": 
"openshift-pipelines/pipelines-hub-ui-rhel8:v1.16.0-3", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-manual-approval-gate-rhel8:v1.16.0-2", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-nop-rhel8:v1.16.0-7", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-operator-bundle:v1.16.0-42", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-operator-proxy-rhel8:v1.16.0-28", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-operator-webhook-rhel8:v1.16.0-28", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-pipelines-as-code-rhel8:v1.16.0-3", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-resolvers-rhel8:v1.16.0-7", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", 
"package": "openshift-pipelines/pipelines-results-api-rhel8:v1.16.0-6", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8:v1.16.0-4", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-results-watcher-rhel8:v1.16.0-6", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-rhel8-operator:v1.16.0-28", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8:v1.16.0-5", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-triggers-controller-rhel8:v1.16.0-4", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8:v1.16.0-5", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8:v1.16.0-5", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", 
"cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-triggers-webhook-rhel8:v1.16.0-5", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-webhook-rhel8:v1.16.0-7", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHEA-2024:7870", "cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8", "package": "openshift-pipelines/pipelines-workingdirinit-rhel8:v1.16.0-7", "product_name": "OpenShift-Pipelines-1.16-RHEL-8", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHSA-2024:4873", "cpe": "cpe:/a:redhat:apicurio_registry:2.6", "package": "express", "product_name": "Red Hat build of Apicurio Registry 2.6.1 GA", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:7164", "cpe": "cpe:/a:redhat:rhmt:1.8::el8", "package": "rhmtc/openshift-migration-ui-rhel8:v1.8.4-10", "product_name": "Red Hat Migration Toolkit for Containers 1.8", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:6211", "cpe": "cpe:/a:redhat:service_mesh:2.6::el8", "package": "openshift-service-mesh/grafana-rhel8:2.6.1-6", "product_name": "Red Hat OpenShift Service Mesh 2.6 for RHEL 8", "release_date": "2024-09-03T00:00:00Z"}, {"advisory": "RHSA-2024:6211", "cpe": "cpe:/a:redhat:service_mesh:2.6::el8", "package": "openshift-service-mesh/istio-cni-rhel8:2.6.1-7", "product_name": "Red Hat OpenShift Service Mesh 2.6 for RHEL 8", "release_date": "2024-09-03T00:00:00Z"}, {"advisory": "RHSA-2024:6211", "cpe": "cpe:/a:redhat:service_mesh:2.6::el8", "package": "openshift-service-mesh/istio-must-gather-rhel8:2.6.1-4", "product_name": "Red Hat OpenShift Service Mesh 2.6 for RHEL 8", "release_date": "2024-09-03T00:00:00Z"}, {"advisory": "RHSA-2024:6211", "cpe": "cpe:/a:redhat:service_mesh:2.6::el8", "package": 
"openshift-service-mesh/istio-rhel8-operator:2.6.1-9", "product_name": "Red Hat OpenShift Service Mesh 2.6 for RHEL 8", "release_date": "2024-09-03T00:00:00Z"}, {"advisory": "RHSA-2024:6211", "cpe": "cpe:/a:redhat:service_mesh:2.6::el8", "package": "openshift-service-mesh/kiali-ossmc-rhel8:1.89.0-2", "product_name": "Red Hat OpenShift Service Mesh 2.6 for RHEL 8", "release_date": "2024-09-03T00:00:00Z"}, {"advisory": "RHSA-2024:6211", "cpe": "cpe:/a:redhat:service_mesh:2.6::el8", "package": "openshift-service-mesh/kiali-rhel8:1.89.1-3", "product_name": "Red Hat OpenShift Service Mesh 2.6 for RHEL 8", "release_date": "2024-09-03T00:00:00Z"}, {"advisory": "RHSA-2024:6211", "cpe": "cpe:/a:redhat:service_mesh:2.6::el8", "package": "openshift-service-mesh/kiali-rhel8-operator:1.89.1-1", "product_name": "Red Hat OpenShift Service Mesh 2.6 for RHEL 8", "release_date": "2024-09-03T00:00:00Z"}, {"advisory": "RHSA-2024:6211", "cpe": "cpe:/a:redhat:service_mesh:2.6::el8", "package": "openshift-service-mesh/pilot-rhel8:2.6.1-7", "product_name": "Red Hat OpenShift Service Mesh 2.6 for RHEL 8", "release_date": "2024-09-03T00:00:00Z"}, {"advisory": "RHSA-2024:6211", "cpe": "cpe:/a:redhat:service_mesh:2.6::el8", "package": "openshift-service-mesh/ratelimit-rhel8:2.6.1-6", "product_name": "Red Hat OpenShift Service Mesh 2.6 for RHEL 8", "release_date": "2024-09-03T00:00:00Z"}, {"advisory": "RHSA-2024:6211", "cpe": "cpe:/a:redhat:service_mesh:2.6::el9", "package": "openshift-service-mesh/proxyv2-rhel9:2.6.1-4", "product_name": "Red Hat OpenShift Service Mesh 2.6 for RHEL 9", "release_date": "2024-09-03T00:00:00Z"}, {"advisory": "RHSA-2024:7624", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.14::el9", "package": "odf4/mcg-core-rhel9:v4.14.11-1", "product_name": "RHODF-4.14-RHEL-9", "release_date": "2024-10-03T00:00:00Z"}, {"advisory": "RHSA-2025:4511", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.18::el9", "package": "odf4/ocs-client-console-rhel9:v4.18.2-8", "product_name": 
"RHODF-4.18-RHEL-9", "release_date": "2025-05-06T00:00:00Z"}, {"advisory": "RHSA-2025:4511", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.18::el9", "package": "odf4/odf-console-rhel9:v4.18.2-7", "product_name": "RHODF-4.18-RHEL-9", "release_date": "2025-05-06T00:00:00Z"}, {"advisory": "RHSA-2025:4511", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.18::el9", "package": "odf4/odf-multicluster-console-rhel9:v4.18.2-8", "product_name": "RHODF-4.18-RHEL-9", "release_date": "2025-05-06T00:00:00Z"}], "bugzilla": {"description": "express: cause malformed URLs to be evaluated", "id": "2290901", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290901"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "status": "verified"}, "cwe": "(CWE-1286|CWE-601)", "details": ["Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()` but this is also called from within `res.redirect()`. The vulnerability is fixed in 4.19.2 and 5.0.0-beta.3.", "A flaw was found in the Express.js minimalist web framework for node. Versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. 
When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in 4.19.2 and 5.0.0-beta.3."], "mitigation": {"lang": "en:us", "value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."}, "name": "CVE-2024-29041", "package_state": [{"cpe": "cpe:/a:redhat:amq_interconnect:1", "fix_state": "Affected", "package_name": "qpid-dispatch", "product_name": "A-MQ Interconnect 1"}, {"cpe": "cpe:/a:redhat:cryostat:2", "fix_state": "Not affected", "package_name": "express", "product_name": "Cryostat 2"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Not affected", "package_name": "openshift-logging/kibana6-rhel8", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Will not fix", "package_name": "openshift-logging/logging-view-plugin-rhel9", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:migration_toolkit_applications:6", "fix_state": "Will not fix", "package_name": "express", "product_name": "Migration Toolkit for Applications 6"}, {"cpe": "cpe:/a:redhat:migration_toolkit_applications:6", "fix_state": "Will not fix", "package_name": "mta/mta-ui-rhel9", "product_name": "Migration Toolkit for Applications 6"}, {"cpe": "cpe:/a:redhat:migration_toolkit_applications:7", "fix_state": "Affected", "package_name": "mta/mta-cli-rhel9", "product_name": "Migration 
Toolkit for Applications 7"}, {"cpe": "cpe:/a:redhat:migration_toolkit_applications:7", "fix_state": "Affected", "package_name": "mta/mta-ui-rhel9", "product_name": "Migration Toolkit for Applications 7"}, {"cpe": "cpe:/a:redhat:migration_toolkit_runtimes:1", "fix_state": "Affected", "package_name": "express", "product_name": "Migration Toolkit for Runtimes"}, {"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Not affected", "package_name": "migration-toolkit-virtualization/mtv-console-plugin-rhel9", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Not affected", "package_name": "multicluster-engine/console-mce-rhel9", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Not affected", "package_name": "multicluster-engine/multicluster-engine-console-mce-rhel9", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:workload_availability_node_healthcheck", "fix_state": "Will not fix", "package_name": "workload-availability/node-remediation-console-rhel8", "product_name": "Node HealthCheck Operator"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Not affected", "package_name": "express", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Affected", "package_name": "3scale-amp-system-container", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "rhacm2/console-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:3", "fix_state": "Will not fix", "package_name": "advanced-cluster-security/rhacs-central-db-rhel8", "product_name": "Red Hat Advanced Cluster Security 3"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:3", "fix_state": "Will not fix", "package_name": 
"advanced-cluster-security/rhacs-main-rhel8", "product_name": "Red Hat Advanced Cluster Security 3"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:3", "fix_state": "Will not fix", "package_name": "advanced-cluster-security/rhacs-rhel8-operator", "product_name": "Red Hat Advanced Cluster Security 3"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:3", "fix_state": "Will not fix", "package_name": "advanced-cluster-security/rhacs-roxctl-rhel8", "product_name": "Red Hat Advanced Cluster Security 3"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Will not fix", "package_name": "advanced-cluster-security/rhacs-central-db-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Affected", "package_name": "advanced-cluster-security/rhacs-main-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Will not fix", "package_name": "advanced-cluster-security/rhacs-rhel8-operator", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Will not fix", "package_name": "advanced-cluster-security/rhacs-roxctl-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Not affected", "package_name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Will not fix", "package_name": "advanced-cluster-security/rhacs-scanner-v4-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Not affected", "package_name": "aap-cloud-ui-container", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Not affected", 
"package_name": "ansible-automation-platform-24/lightspeed-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Not affected", "package_name": "automation-controller", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Not affected", "package_name": "automation-eda-controller", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:rhboac_hawtio:4", "fix_state": "Not affected", "package_name": "express", "product_name": "Red Hat build of Apache Camel - HawtIO 4"}, {"cpe": "cpe:/a:redhat:optaplanner:::el6", "fix_state": "Not affected", "package_name": "express", "product_name": "Red Hat build of OptaPlanner 8"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:8", "fix_state": "Not affected", "package_name": "express", "product_name": "Red Hat Data Grid 8"}, {"cpe": "cpe:/a:redhat:rhdh:1", "fix_state": "Not affected", "package_name": "rhdh-operator-container", "product_name": "Red Hat Developer Hub"}, {"cpe": "cpe:/a:redhat:rhdh:1", "fix_state": "Will not fix", "package_name": "rhdh/rhdh-hub-rhel9", "product_name": "Red Hat Developer Hub"}, {"cpe": "cpe:/a:redhat:discovery:1", "fix_state": "Will not fix", "package_name": "discovery-server-container", "product_name": "Red Hat Discovery"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": 
"cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "cldr-emoji-annotation", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "mozjs60", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "pcs", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "cldr-emoji-annotation", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "gjs", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "pcs", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "polkit", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Not affected", "impact": "low", "package_name": "express", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Not affected", "package_name": "express", "product_name": "Red Hat Integration Camel K 1"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Not affected", "package_name": "express", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7", "fix_state": "Not affected", "package_name": "express", "product_name": "Red Hat JBoss Enterprise Application Platform 7"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Not affected", "package_name": "express", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Will not fix", "package_name": "odh-dashboard-container", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": 
"cpe:/a:redhat:openshift_ai", "fix_state": "Will not fix", "package_name": "odh-operator-container", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Will not fix", "package_name": "openshift3/ose-console", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/nmstate-console-plugin-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-console", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-monitoring-plugin-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-networking-console-plugin-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift_container_storage:4", "fix_state": "Affected", "package_name": "ocs4/mcg-core-rhel8", "product_name": "Red Hat Openshift Container Storage 4"}, {"cpe": "cpe:/a:redhat:openshift_data_science", "fix_state": "Will not fix", "package_name": "rhods/odh-dashboard-rhel8", "product_name": "Red Hat OpenShift Data Science (RHODS)"}, {"cpe": "cpe:/a:redhat:openshift_data_science", "fix_state": "Will not fix", "package_name": "rhods/odh-operator-rhel8", "product_name": "Red Hat OpenShift Data Science (RHODS)"}, {"cpe": "cpe:/a:redhat:openshift_data_science", "fix_state": "Will not fix", "package_name": "rhods/odh-rhel8-operator", "product_name": "Red Hat OpenShift Data Science (RHODS)"}, {"cpe": "cpe:/a:redhat:openshift_devspaces:3:", "fix_state": "Not affected", "package_name": "devspaces/traefik-rhel8", "product_name": "Red Hat OpenShift Dev Spaces"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:2", 
"fix_state": "Not affected", "package_name": "rhosdt/jaeger-agent-rhel8", "product_name": "Red Hat OpenShift distributed tracing 2"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:2", "fix_state": "Will not fix", "package_name": "rhosdt/jaeger-all-in-one-rhel8", "product_name": "Red Hat OpenShift distributed tracing 2"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:2", "fix_state": "Not affected", "package_name": "rhosdt/jaeger-collector-rhel8", "product_name": "Red Hat OpenShift distributed tracing 2"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:2", "fix_state": "Not affected", "package_name": "rhosdt/jaeger-es-index-cleaner-rhel8", "product_name": "Red Hat OpenShift distributed tracing 2"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:2", "fix_state": "Not affected", "package_name": "rhosdt/jaeger-es-rollover-rhel8", "product_name": "Red Hat OpenShift distributed tracing 2"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:2", "fix_state": "Not affected", "package_name": "rhosdt/jaeger-ingester-rhel8", "product_name": "Red Hat OpenShift distributed tracing 2"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:2", "fix_state": "Will not fix", "package_name": "rhosdt/jaeger-query-rhel8", "product_name": "Red Hat OpenShift distributed tracing 2"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Not affected", "package_name": "rhosdt/jaeger-agent-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Will not fix", "package_name": "rhosdt/jaeger-all-in-one-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Not affected", "package_name": "rhosdt/jaeger-collector-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Not affected", "package_name": 
"rhosdt/jaeger-es-index-cleaner-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Not affected", "package_name": "rhosdt/jaeger-es-rollover-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Not affected", "package_name": "rhosdt/jaeger-ingester-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Will not fix", "package_name": "rhosdt/jaeger-query-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Affected", "package_name": "openshift-gitops-1/argocd-rhel8", "product_name": "Red Hat OpenShift GitOps"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Will not fix", "package_name": "openshift-gitops-1/argo-rollouts-rhel8", "product_name": "Red Hat OpenShift GitOps"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Affected", "package_name": "openshift-gitops-1/console-plugin-rhel8", "product_name": "Red Hat OpenShift GitOps"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Affected", "package_name": "openshift-gitops-argocd-rhel9-container", "product_name": "Red Hat OpenShift GitOps"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:4", "fix_state": "Will not fix", "package_name": "container-native-virtualization/kubevirt-console-plugin", "product_name": "Red Hat OpenShift Virtualization 4"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:4", "fix_state": "Affected", "package_name": "container-native-virtualization/kubevirt-console-plugin-rhel9", "product_name": "Red Hat OpenShift Virtualization 4"}, {"cpe": "cpe:/a:redhat:openstack:17.1", "fix_state": "Affected", "package_name": "qpid-dispatch", "product_name": "Red Hat OpenStack Platform 17.1"}, {"cpe": 
"cpe:/a:redhat:jboss_enterprise_bpms_platform:7", "fix_state": "Not affected", "package_name": "express", "product_name": "Red Hat Process Automation 7"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Will not fix", "package_name": "quay/quay-rhel8", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Affected", "package_name": "qpid-dispatch", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Affected", "package_name": "satellite-capsule:el8/qpid-dispatch", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "satellite:el8/qpid-dispatch", "product_name": "Red Hat Satellite 6"}], "public_date": "2024-03-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-29041\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-29041\nhttps://expressjs.com/en/4x/api.html#res.location\nhttps://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd\nhttps://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94\nhttps://github.com/expressjs/express/pull/5539\nhttps://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc\nhttps://github.com/koajs/koa/issues/1800"], "statement": "Red Hat Fuse 7 only uses express as part of build time development dependency, it is not part of the final product delivery.", "threat_severity": "Important"}